<?xml version="1.0" encoding="utf-8"?>
<rougail version="0.10">
  <!--
    Rougail dictionary (format 0.10) for the OpenLDAP "slapd" service.
    It declares the files attached to the service, the variables of the
    "annuaire" family (server and client side) and the fill constraints
    that compute some of those variables.
  -->
  <services>
    <service name="slapd" target="multi-user">
      <override/>

      <!-- TLS material: the certificate keeps the default owner and mode,
           the private key is owned by "ldap" with mode 400. -->
      <file>/etc/pki/tls/certs/openldap.crt</file>
      <file owner="ldap" mode="400">/etc/pki/tls/private/openldap.key</file>

      <file owner="ldap">/var/lib/ldap/DB_CONFIG</file>

      <!-- LDIF files under /etc/ldap/secrets: owner "ldap", mode 400. -->
      <file owner="ldap" mode="400">/etc/ldap/secrets/config.ldif</file>
      <file owner="ldap" mode="400">/etc/ldap/secrets/users.ldif</file>

      <!-- NOTE(review): the next two files live under /secrets but set neither
           owner nor mode, unlike the other secret files in this list. Confirm
           that the default permissions applied to them are restrictive enough
           for their content (user modifications and ACL configuration). -->
      <file>/secrets/users_mod.ldif</file>
      <file>/secrets/config_acl.ldif</file>

      <!-- NOTE(review): mode 400 but no owner attribute, so the default owner
           applies. Confirm which account has to read the admin password and
           that no other account can. -->
      <file mode="400">/secrets/admin_ldap.pwd</file>

      <!-- engine="none": presumably installed as is, without templating (confirm). -->
      <file engine="none">/sysusers.d/risotto-openldap.conf</file>

      <!-- The source attribute names the template used for this destination. -->
      <file source="tmpfile-openldap-server.conf">/tmpfiles.d/0openldap-server.conf</file>

      <!-- Tied to the filelist "copy_tests", which is not defined in this file. -->
      <file filelist="copy_tests">/tests/openldap.yml</file>
    </service>
  </services>

  <variables>
    <family name="annuaire">
      <family name="server">
        <!-- Redefined and hidden here; its value is filled from
             domain_name_eth0 in the constraints section. -->
        <variable name="ldap_server_address" redefine="True" hidden="True"/>

        <!-- Additional LDAP schema files (multi-valued list of file names). -->
        <variable name="ldap_schemas" type="filename" description="Schémas LDAP additionnel" multi="True">
          <value>/etc/openldap/schema/cosine.ldif</value>
          <value>/etc/openldap/schema/inetorgperson.ldif</value>
          <value>/etc/openldap/schema/nis.ldif</value>
          <value>/etc/openldap/schema/misc.ldif</value>
        </variable>

        <family name="limits" description="Limites" mode="expert">
          <!-- NOTE(review): if this value is passed unchanged to slapd's
               loglevel, 0 turns logging off and leaves no trace of binds or
               searches for detection and incident response. Confirm how the
               template uses it; slapd's "stats" level (256) records
               connections, operations and results. -->
          <variable name="ldap_loglevel" type="number" description="Niveau de log" mode="expert">
            <value>0</value>
          </variable>

          <!-- NOTE(review): defaults of 5000 entries per search and 3600 seconds
               per search are generous. High limits make bulk extraction of the
               directory and long-running searches cheaper for any client that
               can bind; confirm they match what consumers actually need. -->
          <variable name="ldap_sizelimit" type="number" description="Nombre maximum d'entrées à retourner lors d'une requête" mode="expert">
            <value>5000</value>
          </variable>
          <variable name="ldap_timelimit" type="number" description="Temps de réponse maximum à une requête (en secondes)" mode="expert">
            <value>3600</value>
          </variable>
        </family>

        <!-- Tuning values for the database environment; the descriptions
             refer to the HDB cache, its log files and its locks. -->
        <family name="db_environment" description="DB environment" mode="expert">
          <!-- Cache size is split in two variables: gigabytes, then bytes. -->
          <variable name="db_cache_size_g" description="Quantité de Giga-octets à utiliser pour le cache HDB" type="number">
            <value>0</value>
          </variable>
          <!-- 268435456 = 256 * 1024 * 1024 -->
          <variable name="db_cache_size_o" description="Quantité d'octets à utiliser pour le cache HDB" type="number">
            <value>268435456</value>
          </variable>
          <variable name="db_cache_chunks" description="Nombre de fichiers ou écrire le cache HDB" type="number">
            <value>1</value>
          </variable>

          <!-- Journal (log) settings. -->
          <variable name="db_log_region_max" type="number" description="Quantité de fichier de cache mis en cache mémoire">
            <value>262144</value>
          </variable>
          <variable name="db_log_max" type="number" description="Quantité d'informations de journalisation conservé jusqu'à rotation">
            <value>10485760</value>
          </variable>
          <variable name="db_log_bsize" type="number" description="Quantité d'informations de journalisation du cache reporté sur le disque">
            <value>2097152</value>
          </variable>
          <variable name="db_log_directory" type="filename" description="Répertoire de conservation des informations de journalisation">
            <value>/srv/openldap/log</value>
          </variable>

          <!-- Lock table limits, all defaulting to 5000. -->
          <variable name="db_lk_max_objects" type="number" description="Nombre d'objet qui peuvent être verrouillés simultanément ">
            <value>5000</value>
          </variable>
          <variable name="db_lk_max" type="number" description="Nombre de verrous maximal">
            <value>5000</value>
          </variable>
          <variable name="db_lk_max_lockers" type="number" description="Nombre de verroulleur maximal">
            <value>5000</value>
          </variable>
        </family>
      </family>

      <family name="client">
        <!-- Redefined so that the constraints section can fill it. -->
        <variable name="ldapclient_user" redefine="True"/>
        <!-- Left disabled by the author: redefinition of the client password variable. -->
        <!--variable name='ldapclient_user_password' redefine="True"/-->
        <variable name="ldapclient_family" redefine="True" disabled="True"/>
        <!-- The base DN becomes mandatory; the fills below derive other values from it. -->
        <variable name="ldapclient_base_dn" redefine="True" mandatory="True" description="Base DN"/>
        <variable name="ldap_account_dn" type="string" description="Base DN de l'annuaire des utilisateurs" mandatory="True"/>
        <variable name="ldapclient_search_dn" redefine="True"/>
      </family>
    </family>
  </variables>

  <constraints>
    <!--fill/auto-->

    <!-- ldap_server_address takes the value of domain_name_eth0
         (a variable declared outside this file). -->
    <fill name="calc_value">
      <param type="variable">domain_name_eth0</param>
      <target>ldap_server_address</target>
    </fill>

    <!-- ldap_account_dn is computed by calc_ldapclient_base_dn (defined
         outside this file) from ldapclient_base_dn, with base=True. -->
    <fill name="calc_ldapclient_base_dn">
      <param type="variable">ldapclient_base_dn</param>
      <param name="base" type="boolean">True</param>
      <target>ldap_account_dn</target>
    </fill>

    <!-- ldapclient_user is built from the literal "cn=admin" and the base DN,
         joined with ",", which presumably yields cn=admin,BASE_DN.
         NOTE(review): this makes the directory administrator DN the client
         identity. Confirm which consumers read ldapclient_user and whether a
         less privileged bind account would be enough for them. -->
    <fill name="calc_value">
      <param>cn=admin</param>
      <param type="variable">ldapclient_base_dn</param>
      <param name="join">,</param>
      <target>ldapclient_user</target>
    </fill>

    <!-- The search DN is the base DN itself. -->
    <fill name="calc_value">
      <param type="variable">ldapclient_base_dn</param>
      <target>ldapclient_search_dn</target>
    </fill>
  </constraints>
</rougail>